
# vim:ft=sshconfig
# Based on:
# https://wiki.mozilla.org/Security/Guidelines/OpenSSH#Modern
# but instead of specifying what to use (more maintenance especially with
# different OSes and releases), specify what not to use. The baseline is
# ElementaryOS Hera, aka Ubuntu Bionic.
# http://manpages.ubuntu.com/manpages/bionic/en/man5/ssh_config.5.html
Ciphers -aes128-cbc,aes192-cbc,aes256-cbc
HostbasedKeyTypes -ssh-rsa,ssh-rsa-cert-v01@openssh.com
HostKeyAlgorithms -ssh-rsa,ssh-rsa-cert-v01@openssh.com
KexAlgorithms -diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1
MACs -umac-64-etm@openssh.com,hmac-sha1-etm@openssh.com,umac-64@openssh.com,hmac-sha1
PubkeyAcceptedKeyTypes -ssh-rsa-cert-v01@openssh.com,ssh-rsa
